I have an AWS Aurora DB in a VPC in a private subnet. From Aurora, we need to execute a Lambda which will connect to Pinpoint to send SMS. The Lambda function needs access to the internet. How to provide internet to the VPC without using NAT?
Internet access from a private subnet requires network address translation (NAT). To give internet access to an Amazon VPC-connected Lambda function, route its outbound traffic to a NAT gateway or NAT instance in a public subnet. For more information, see Internet gateways in the Amazon VPC User Guide.
By default, Lambda runs your functions in an internal virtual private cloud (VPC) with connectivity to AWS services and the internet. To access local network resources, you can configure your function to connect to a VPC in your account.
The simplest answer is YES. The instances in the private subnet can access the Internet by using a network address translation (NAT) gateway that resides in the public subnet. So, you should have a VPC with both private and public subnets. A NAT gateway must be created in a VPC with an Internet Gateway.
Go to the Route Tables panel; select the public-subnet table, review its associations and make sure it's associated to the Public Subnet; select the private-lambda table, review its associations and make sure it's associated to all the private-lambda-* subnets you just created.
As per the AWS docs, if your Lambda function is in a Private Subnet in a VPC, and needs internet access, you need a NAT gateway.
See: Grant Internet Access to a VPC Lambda Function
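The route-table review described above can be scripted. The following is an added example, not code from the original answers or from AWS: it checks the output shape of `aws ec2 describe-route-tables` (a constructed sample with placeholder IDs is embedded) and reports, per Lambda subnet, whether the default route goes to a NAT gateway, to an Internet Gateway (which gives a VPC-attached Lambda no egress, because its ENIs get no public IP), or nowhere.

```python
# Constructed sample in the shape of `aws ec2 describe-route-tables --output json`.
# IDs are placeholders, not real resources.
SAMPLE_ROUTE_TABLES = {"RouteTables": [
    {   # public-subnet table: default route to the Internet Gateway
        "RouteTableId": "rtb-public",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}],
        "Associations": [{"SubnetId": "subnet-public-a", "Main": False}]},
    {   # private-lambda table: default route to the NAT gateway in the public subnet
        "RouteTableId": "rtb-private-lambda",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example", "State": "active"}],
        "Associations": [{"SubnetId": "subnet-private-lambda-a", "Main": False},
                         {"SubnetId": "subnet-private-lambda-b", "Main": False}]},
    {   # main table: no default route, so subnets without an explicit association stay isolated
        "RouteTableId": "rtb-main",
        "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}],
        "Associations": [{"Main": True}]}]}

def table_for_subnet(route_tables, subnet_id):
    """An explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for rt in route_tables["RouteTables"]:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def egress_kind(route_table):
    """Classify the active 0.0.0.0/0 route: 'nat', 'igw', or 'none'."""
    for route in (route_table or {}).get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0" or route.get("State") != "active":
            continue
        if route.get("NatGatewayId", "").startswith("nat-"):
            return "nat"
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"
    return "none"

VERDICTS = {"nat": "ok",
            "igw": "public subnet: Lambda ENIs have no public IP, so an IGW route gives no egress",
            "none": "no default route: no internet egress"}

def check_lambda_subnets(route_tables, subnet_ids):
    """Return {subnet_id: verdict}; only a NAT default route is correct for a VPC Lambda."""
    return {sid: VERDICTS[egress_kind(table_for_subnet(route_tables, sid))] for sid in subnet_ids}

if __name__ == "__main__":
    print(check_lambda_subnets(SAMPLE_ROUTE_TABLES, ["subnet-private-lambda-a", "subnet-public-a"]))
```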